Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS197071.roa
File: AS197071.roa (raw, json)
Hash identifier: S4awI/s13gJtV7u3pUEhXtYvdtZoZO3qXWCSn8XSjdI=
Subject key identifier: 1F:35:9C:A9:F9:00:D9:3D:40:F3:34:55:CE:71:92:6D:AC:72:7E:DA
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 161598C5C6098F3CB287EC6B8485156023E79B51
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS197071.roa
Signing time: Wed 31 Jan 2024 08:05:10 +0000
ROA not before: Wed 31 Jan 2024 08:00:10 +0000
ROA not after: Wed 29 Jan 2025 08:05:10 +0000
asID: 197071
IP address blocks: 191.101.51.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:15:98:c5:c6:09:8f:3c:b2:87:ec:6b:84:85:15:60:23:e7:9b:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jan 31 08:00:10 2024 GMT
Not After : Jan 29 08:05:10 2025 GMT
Subject: CN=1F359CA9F900D93D40F33455CE71926DAC727EDA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:fd:e2:f2:a0:21:22:51:b3:da:52:96:28:3a:
ff:68:7b:e1:a2:09:4d:18:a3:ba:70:1a:8d:97:dc:
e9:e3:aa:f7:56:b0:ca:03:38:1b:39:e3:58:81:19:
6c:ee:40:c9:d2:70:3a:c8:d0:4e:c6:8b:e6:8f:1c:
56:c0:95:c2:7b:4c:8d:e3:f6:59:03:3b:5d:16:f4:
00:37:22:78:52:fc:5e:9a:a1:36:e8:d0:a9:71:54:
c1:dd:c5:55:87:73:63:0e:65:44:34:c9:45:83:93:
29:7f:37:c9:1a:08:1c:17:47:41:82:66:cc:47:e4:
76:32:48:e5:a5:66:2a:00:6a:fe:28:52:df:45:93:
1a:cb:f5:02:1e:a2:c3:9c:73:35:99:91:52:d0:6e:
35:65:9d:d6:e1:3f:53:9f:10:4a:18:98:fb:d1:58:
7d:e8:75:df:de:ac:36:a1:41:08:c6:c4:82:6c:a0:
3f:c7:df:f2:0b:54:17:5e:57:e8:1a:5b:8e:66:8a:
59:c6:c0:5e:e7:95:47:9b:c0:57:24:8d:fd:ca:86:
dd:b7:0a:e7:3d:7f:ed:9f:af:bb:a9:ae:96:90:98:
db:77:4f:40:38:5c:29:20:6e:2b:e3:5c:08:fe:a7:
a3:c7:e8:54:f6:ce:d3:17:af:3a:ea:b7:5b:ab:8a:
5e:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:35:9C:A9:F9:00:D9:3D:40:F3:34:55:CE:71:92:6D:AC:72:7E:DA
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS197071.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
191.101.51.0/24
Signature Algorithm: sha256WithRSAEncryption
62:68:fd:22:9e:39:31:a0:21:1a:28:87:86:40:2a:1d:4f:db:
d8:a3:ea:d8:b8:1f:f7:89:7a:19:3b:0c:d9:1c:f1:c9:2a:ef:
e0:26:77:ce:b4:9b:81:e3:13:16:4c:24:63:54:02:e5:36:a3:
cf:9f:45:59:5b:21:86:e9:ae:06:13:84:53:7c:af:bc:79:9b:
0e:ee:2d:54:fc:4d:f5:94:3e:50:fe:e8:c4:25:89:13:87:19:
d7:a1:22:47:19:09:7a:93:f4:ea:a4:b2:ee:95:88:83:d4:be:
fe:73:2d:94:cd:c6:79:87:c9:df:e6:eb:9b:83:42:f2:bb:f2:
e7:69:b3:3f:dc:e8:17:a4:ee:08:8a:72:19:a5:eb:4a:15:e3:
12:2d:e6:ca:fa:bc:c9:7c:39:54:e7:f3:b3:28:90:99:31:f4:
a6:4b:01:c5:b9:a9:fc:45:79:99:57:3f:72:3c:6a:f3:0e:a6:
2b:4c:d9:52:f5:5c:e8:29:44:2c:11:a5:0a:ac:90:b6:da:1c:
bf:56:0d:27:fa:ad:6f:e7:df:00:95:93:12:f9:bc:a3:e7:55:
0c:06:36:fa:fc:a2:f9:77:77:e0:91:d6:3c:54:73:90:28:6a:
39:d0:13:8e:f2:88:f9:7d:78:cb:a7:2d:7f:c0:70:35:67:b8:
08:e6:1e:b2
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUFhWYxcYJjzyyh+xrhIUVYCPnm1EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDAxMzEwODAwMTBaFw0yNTAxMjkwODA1MTBaMDMxMTAvBgNV
BAMTKDFGMzU5Q0E5RjkwMEQ5M0Q0MEYzMzQ1NUNFNzE5MjZEQUM3MjdFREEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8/eLyoCEiUbPaUpYoOv9oe+Gi
CU0Yo7pwGo2X3OnjqvdWsMoDOBs541iBGWzuQMnScDrI0E7Gi+aPHFbAlcJ7TI3j
9lkDO10W9AA3InhS/F6aoTbo0KlxVMHdxVWHc2MOZUQ0yUWDkyl/N8kaCBwXR0GC
ZsxH5HYySOWlZioAav4oUt9FkxrL9QIeosOcczWZkVLQbjVlndbhP1OfEEoYmPvR
WH3odd/erDahQQjGxIJsoD/H3/ILVBdeV+gaW45milnGwF7nlUebwFckjf3Kht23
Cuc9f+2fr7uprpaQmNt3T0A4XCkgbivjXAj+p6PH6FT2ztMXrzrqt1uril79AgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUHzWcqfkA2T1A8zRVznGSbaxyftowHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTk3MDcxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAv2Uz
MA0GCSqGSIb3DQEBCwUAA4IBAQBiaP0injkxoCEaKIeGQCodT9vYo+rYuB/3iXoZ
OwzZHPHJKu/gJnfOtJuB4xMWTCRjVALlNqPPn0VZWyGG6a4GE4RTfK+8eZsO7i1U
/E31lD5Q/ujEJYkThxnXoSJHGQl6k/TqpLLulYiD1L7+cy2UzcZ5h8nf5uubg0Ly
u/LnabM/3OgXpO4IinIZpetKFeMSLebK+rzJfDlU5/OzKJCZMfSmSwHFuan8RXmZ
Vz9yPGrzDqYrTNlS9VzoKUQsEaUKrJC22hy/Vg0n+q1v598AlZMS+byj51UMBjb6
/KL5d3fgkdY8VHOQKGo50BOO8oj5fXjLpy1/wHA1Z7gI5h6y
-----END CERTIFICATE-----
Generated at Mon Nov 25 04:48:56 2024 by rpki-client on console-ams.rpki-client.org